SDN-based DDoS Attack Mitigation Scheme using Convolution Recursively Enhanced Self Organizing Maps


In a cloud computing environment, the Distributed Denial of Service (DDoS) attack is considered as the crucial issue that needs to be addressed in ensuring the availability of resources that emerge due to the compromisation of hosts. The process of detecting and preventing DDoS attacks is determined to be predominant when the potential benefits of decoupling data plane from the control plane are facilitated through the Software Defined Networking (SDN) in the cloud environment. The incorporation of SDN in DDoS mitigation also enhances the probability of investigating the data traffic flow using the reactive process of updating forwarding rules, analyzing the network with a global view and centralized control in monitoring for better DDoS mitigation enforcement. In this paper, a Convolution Recursively Enhanced Self Organizing Map and Software Defined Networking-based Mitigation Scheme (CRESOM-SDNMS) is proposed for ensuring the better rate of detection during the process of preventing DDoS attacks in clouds. This proposed CRESOM-SDNMS facilitates a predominant option in resolving the issue of vector quantization with enhanced topology preservation and the superior initialization mechanism during the process of SOM-based categorization of flooded data traffic flows into genuine and malicious. The simulation experiments and results of the proposed CRESOM-SDNMS confirmed a superior classification accuracy of around 21% when compared to the existing systems with minimized False Positive rate of 19% compared to the benchmarked DDoS mitigation schemes of the literature.

This is a preview of subscription content, access via your institution.

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12
Figure 13


  1. 1

    Bhushan K and Gupta B B 2018 Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. Journal of Ambient Intelligence and Humanized Computing 1(1): 56–69

    Google Scholar 

  2. 2

    Braga R, Mota E and Passito A 2010 Lightweight DDoS flooding attack detection using NOX/OpenFlow. IEEE Local Computer Network Conference 1(1): 22–34

    Google Scholar 

  3. 3

    Yan Q, Yu F R, Gong Q and Li J 2016 Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials 18(1): 602–622

    Article  Google Scholar 

  4. 4

    Bannour F, Souihi S and Mellouk A 2018 Distributed SDN control: survey, taxonomy, and challenges. IEEE Communications Surveys & Tutorials 20(1): 333–354

    Article  Google Scholar 

  5. 5

    Amin R, Reisslein M and Shah N 2018 Hybrid SDN networks: a survey of existing approaches. IEEE Communications Surveys & Tutorials 1(1): 1–21

    Google Scholar 

  6. 6

    Tamanna T, Fatema T and Saha R 2017 SDN, A research on SDN assets and tools to defense DDoS attack in cloud computing environment. 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET) 1(2): 78–89

  7. 7

    Aamir M and Zaidi M A 2013 A survey on DDoS attack and defense strategies: from traditional schemes to current techniques. Interdisciplinary Information Sciences 19(2): 173–200

    Article  Google Scholar 

  8. 8

    Jonker M and Sperotto A 2015 Mitigating DDoS attacks using OpenFlow-based software defined networking. Intelligent Mechanisms for Network Configuration and Security 1(1): 129–133

    Article  Google Scholar 

  9. 9

    Mariette J and Villa-Vialaneix N 2016 Aggregating self-organizing maps with topology preservation. Advances in Self-Organizing Maps and Learning Vector Quantization 1(2): 27–37

    Article  Google Scholar 

  10. 10

    Cottrell M, Olteanu M, Rossi F and Villa-Vialaneix N 2016 Theoretical and applied aspects of the self-organizing maps. Advances in Self-Organizing Maps and Learning Vector Quantization 1(1): 3–26

    Article  Google Scholar 

  11. 11

    Karnwal T, Thandapanii S and Gnanasekaran A 2013 A filter tree approach to protect cloud computing against XML DDoS and HTTP DDoS attack. Advances in Intelligent Systems and Computing 1(1): 459–469

    Article  Google Scholar 

  12. 12

    Cotton M 2017 DDoS attacks: defending cloud environments. Advances in Intelligent Systems and Computing 1(1): 907–909

    Google Scholar 

  13. 13

    Wang B, Zheng Y, Lou W and Hou Y T 2015 DDoS attack protection in the era of cloud computing and software-defined networking. Computer Networks 81(1): 308–319

    Article  Google Scholar 

  14. 14

    Khimabhai Y A and Rohokale V 2016 SDN control plane security in cloud computing against DDoS attack. In: Proceedings of the International Conference on Advances in Information Communication Technology & Computing - AICTC ‘16 1(1): 45–56

  15. 15

    Mousavi S M and St-Hilaire M 2017 Early detection of DDoS attacks against software defined network controllers. Journal of Network and Systems Management 26(3): 573–591

    Article  Google Scholar 

  16. 16

    Kilari N and Sridaran R 2017 A novel approach to protect cloud environments against DDOS attacks. Advances in Intelligent Systems and Computing 1(1): 515–523

    Google Scholar 

  17. 17

    Johnson Singh K and De T 2017 Mathematical modelling of DDoS attack and detection using correlation. Journal of Cyber Security Technology 1(3–4): 175–186

    Article  Google Scholar 

  18. 18

    Dang-Van T and Truong-Thu H 2017 A multi-criteria based software defined networking system architecture for DDoS-attack mitigation. REV Journal on Electronics and Communications 1(1): 45–55

    Google Scholar 

  19. 19

    Pillutla H and Arjunan A 2019 Fuzzy self organizing maps-based DDoS mitigation mechanism for software defined networking in cloud computing. Journal of Ambient Intelligence and Humanized Computing 10(4): 1547–1559

    Article  Google Scholar 

  20. 20

    Zhao C and Liu F 2018 DDoS attack detection based on self-organizing mapping network in software defined networking. MATEC Web of Conferences 176(1): 01026

    Google Scholar 

  21. 21

    Kohonen T 2001 Self-Organizing Maps. Springer Series in Information Sciences 1(1): 78–102

    MATH  Google Scholar 

  22. 22

    Horio K, Aikawa A and Yamakawa T 2014 Pattern Recognition based on relative position of local features using self-organizing map. First International Conference on Innovative Computing, Information and Control - Volume I (ICICIC’06) 1(2): 12–25

  23. 23

    Mohebi E and Bagirov A 2014 A convolutional recursive modified Self Organizing Map for handwritten digits recognition. Neural Networks 60(1): 104–118

    Article  Google Scholar 

  24. 24

    Deepali and Bhushan K 2017 DDoS attack mitigation and resource provisioning in cloud using fog computing. 2017 International Conference On Smart Technologies For Smart Nation (SmartTechCon) 1(1): 56–65

  25. 25

    Challagidad P S and Birje M N 2017 Trust management in cloud computing. 2017 International Conference on Smart Technologies for Smart Nation (SmartTechCon) 1(1): 45–56

  26. 26

    Xu Y and Liu Y 2016 DDoS attack detection under SDN context. IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications 1(1): 45–56

  27. 27

    Wang W, Ke X and Wang L 2018 A HMM-R approach to detect L-DDoS attack adaptively on SDN controller. Future Internet 10(9): 83

    Article  Google Scholar 

  28. 28

    Aamir M and Zaidi S M 2019 Clustering based semi-supervised machine learning for DDoS attack classification. Journal of King Saud University - Computer and Information Sciences 1(1): 56–67

    Google Scholar 

Download references

Author information



Corresponding author

Correspondence to Pillutla Harikrishna.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Harikrishna, P., Amuthan, A. SDN-based DDoS Attack Mitigation Scheme using Convolution Recursively Enhanced Self Organizing Maps. Sādhanā 45, 104 (2020).

Download citation


  • Software Defined Networking
  • Convolution Recursively Enhanced Self Organizing Map (CRESOM)
  • DDoS attacks
  • learning rate